v1.2.0: add jwk thumbprinting

2019-02-07 00:08:32 -07:00 · 2019-02-07 00:08:32 -07:00 · e088eedc8f
parent ef29727655
commit e088eedc8f
5 changed files with 54 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -14,6 +14,7 @@ RSA tools. Lightweight. Zero Dependencies. Universal compatibility.
 * [x] Fast and Easy RSA Key Generation
 * [x] PEM-to-JWK
 * [x] JWK-to-PEM
+* [x] JWK thumbprint
 * [x] SSH "pub" format
 * [ ] ECDSA
  * **Need EC or ECDSA tools?** Check out [Eckles.js](https://git.coolaj86.com/coolaj86/eckles.js)
@ -174,6 +175,14 @@ Qi49OykUCfNZeQlEz7UNNj9RGps/50+CNwIDAQAB
 -----END PUBLIC KEY-----
 ```

+## JWK Thumbprint
+
+```js
+Rasha.thumbprint({ jwk: jwk }).then(function (thumbprint) {
+  console.log(thumbprint);
+});
+```
+
 Testing
 -------

--- a/bin/rasha.js
+++ b/bin/rasha.js
@ -46,7 +46,16 @@ try {
  // ignore
 }

+var thumbprint = ('thumbprint' === format);
+if (thumbprint) {
+  format = 'public';
+}
+
 if ('string' === typeof key) {
+  if (thumbprint) {
+    Rasha.thumbprint({ pem: key }).then(console.info);
+    return;
+  }
  if ('tpl' === format) {
    var block = PEM.parseBlock(key);
    var asn1 = ASN1.parse(block.der);
@ -63,6 +72,10 @@ if ('string' === typeof key) {
    process.exit(1);
  });
 } else {
+  if (thumbprint) {
+    Rasha.thumbprint({ jwk: key }).then(console.info);
+    return;
+  }
  Rasha.export({ jwk: key, format: format }).then(function (pem) {
    if (sign) { signMessage(pem, msg); return; }
    console.info(pem);
--- a/lib/rasha.js
+++ b/lib/rasha.js
@ -5,6 +5,7 @@ var SSH = require('./ssh.js');
 var PEM = require('./pem.js');
 var x509 = require('./x509.js');
 var ASN1 = require('./asn1.js');
+var Enc = require('./encoding.js');

 /*global Promise*/
 RSA.generate = function (opts) {
@ -202,3 +203,26 @@ RSA.nueter = function (jwk) {
  });
  return jwk;
 };
+
+RSA.__thumbprint = function (jwk) {
+  var buf = require('crypto').createHash('sha256')
+    // alphabetically sorted keys [ 'e', 'kty', 'n' ]
+    .update('{"e":"' + jwk.e + '","kty":"RSA","n":"' + jwk.n + '"}')
+    .digest()
+  ;
+  return Enc.bufToUrlBase64(buf);
+};
+
+RSA.thumbprint = function (opts) {
+  return Promise.resolve().then(function () {
+    var jwk;
+    if ('RSA' === opts.kty) {
+      jwk = opts;
+    } else if (opts.jwk) {
+      jwk = opts.jwk;
+    } else {
+      jwk = RSA.importSync(opts);
+    }
+    return RSA.__thumbprint(jwk);
+  });
+};
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "rasha",
-  "version": "1.1.0",
+  "version": "1.2.0",
  "description": "💯 PEM-to-JWK and JWK-to-PEM for RSA keys in a lightweight, zero-dependency library focused on perfect universal compatibility.",
  "homepage": "https://git.coolaj86.com/coolaj86/rasha.js",
  "main": "index.js",
--- a/test.sh
+++ b/test.sh
@ -149,7 +149,7 @@ rndkey 768
 rndkey 1024
 rndkey 2048 # first secure key size

-if [ "${RASHA_TEST_LARGE_KEYS}" == "true" ]; then 
+if [ "${RASHA_TEST_LARGE_KEYS}" == "true" ]; then
  rndkey 3072
  rndkey 4096 # largest reasonable key size
 else
@ -164,6 +164,12 @@ echo "Pass"

 rm fixtures/*.1.*

+echo ""
+echo "Testing Thumbprints"
+node bin/rasha.js ./fixtures/privkey-rsa-2048.pkcs1.pem thumbprint
+node bin/rasha.js ./fixtures/pub-rsa-2048.jwk.json thumbprint
+echo "PASS"
+
 echo ""
 echo ""
 echo "PASSED:"